Combined C#, C/C++ and Web Application Security Training

Training Calendar

Training

Date

Training Time

Delivery Methods

Combined C#, C/C++ and Web Appli...

<h3>About Training</h3><p>Serving teams that use managed code (.NET and ASP.NET typically written in C#) together with native code development (typically C/C++), this training gives a comprehensive overview of the security issues in both environments.</p><p>Concerning C/C++, common security vulnerabilities are discussed, backed by practical exercises about the attacking methods that exploit these vulnerabilities, with the focus on the mitigation techniques that can be applied to prevent the occurrences of these dangerous bugs, detect them before market launch or prevent their exploitation.</p><p>The course also covers both the various general (like web services) and specific security solutions and tools, and the most frequent and severe security flaws of managed code, dealing with both language-specific issues and the problems stemming from the runtime environment. The vulnerabilities relevant to the ASP.NET platform are detailed along with the general web-related vulnerabilities following the OWASP Top Ten list. The course consists of a number of exercises through which attendees can easily understand and execute attacks and protection methods.</p><p><br></p><p><br></p><br /><h3>What You'll Learn</h3><ul><li>Understand basic concepts of security, IT security and secure coding</li><li>Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them</li><li>Learn about XML security</li><li>Learn client-side vulnerabilities and secure coding practices</li><li>Learn to use various security features of the .NET development environment</li><li>Have a practical understanding of cryptography</li><li>Realize the severe consequences of unsecure buffer handling in native code</li><li>Understand the architectural protection techniques and their weaknesses</li><li>Realize the severe consequences of unsecure buffer handling</li><li>Learn about typical coding mistakes and how to avoid them</li><li>Get sources and further readings on secure coding practices</li></ul><br /><h3>Who Should Attend</h3><p>C/C++, C# and web application developers, architects and testers. </p><br /><h3>Outline</h3><ul><li>IT security and secure coding</li><li>Web application security (OWASP Top Ten 2017)</li><li>Client-side security</li><li>.NET security architecture and services</li><li>Practical cryptography</li><li>x86 machine code, memory layout and stack operations</li><li>Buffer overflow</li><li>Some additional native code-related vulnerabilities</li><li>Common coding errors and vulnerabilities</li><li>Principles of security and secure coding</li><li>Knowledge sources</li></ul><br />

<h3>About Training</h3><p>Serving teams that use managed code (.NET and ASP.NET typically written in C#) together with native code development (typically C/C++), this training gives a comprehensive overview of the security issues in both environments.</p><p>Concerning C/C++, common security vulnerabilities are discussed, backed by practical exercises about the attacking methods that exploit these vulnerabilities, with the focus on the mitigation techniques that can be applied to prevent the occurrences of these dangerous bugs, detect them before market launch or prevent their exploitation.</p><p>The course also covers both the various general (like web services) and specific security solutions and tools, and the most frequent and severe security flaws of managed code, dealing with both language-specific issues and the problems stemming from the runtime environment. The vulnerabilities relevant to the ASP.NET platform are detailed along with the general web-related vulnerabilities following the OWASP Top Ten list. The course consists of a number of exercises through which attendees can easily understand and execute attacks and protection methods.</p><p><br></p><p><br></p><br /><h3>What You'll Learn</h3><ul><li>Understand basic concepts of security, IT security and secure coding</li><li>Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them</li><li>Learn about XML security</li><li>Learn client-side vulnerabilities and secure coding practices</li><li>Learn to use various security features of the .NET development environment</li><li>Have a practical understanding of cryptography</li><li>Realize the severe consequences of unsecure buffer handling in native code</li><li>Understand the architectural protection techniques and their weaknesses</li><li>Realize the severe consequences of unsecure buffer handling</li><li>Learn about typical coding mistakes and how to avoid them</li><li>Get sources and further readings on secure coding practices</li></ul><br /><h3>Who Should Attend</h3><p>C/C++, C# and web application developers, architects and testers. </p><br /><h3>Outline</h3><ul><li>IT security and secure coding</li><li>Web application security (OWASP Top Ten 2017)</li><li>Client-side security</li><li>.NET security architecture and services</li><li>Practical cryptography</li><li>x86 machine code, memory layout and stack operations</li><li>Buffer overflow</li><li>Some additional native code-related vulnerabilities</li><li>Common coding errors and vulnerabilities</li><li>Principles of security and secure coding</li><li>Knowledge sources</li></ul><br />

Training Details

Training Time

Capacity

Prerequisites

Documents

About Training

Serving teams that use managed code (.NET and ASP.NET typically written in C#) together with native code development (typically C/C++), this training gives a comprehensive overview of the security issues in both environments.

Concerning C/C++, common security vulnerabilities are discussed, backed by practical exercises about the attacking methods that exploit these vulnerabilities, with the focus on the mitigation techniques that can be applied to prevent the occurrences of these dangerous bugs, detect them before market launch or prevent their exploitation.

The course also covers both the various general (like web services) and specific security solutions and tools, and the most frequent and severe security flaws of managed code, dealing with both language-specific issues and the problems stemming from the runtime environment. The vulnerabilities relevant to the ASP.NET platform are detailed along with the general web-related vulnerabilities following the OWASP Top Ten list. The course consists of a number of exercises through which attendees can easily understand and execute attacks and protection methods.

What You'll Learn

Understand basic concepts of security, IT security and secure coding

Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them

Learn about XML security

Learn client-side vulnerabilities and secure coding practices

Learn to use various security features of the .NET development environment

Related Trainings

Since all applications today heavily rely on communications and networks, there is no application security without network security. This course focuses on network security with a software security viewpoint, and discusses common network attacks and ...

To serve in the best way heterogeneous development groups that are using various platforms simultaneously during their everyday work, we have merged various topics into a combined course that presents diverse secure coding subjects in didactic manner ...

In this course, after getting familiar with the common weaknesses and their consequences that can allow hackers to attack your system, participants learn about the general approach and the methodology for security testing, and the techniques that can ...

The Python language is used in many different settings – from command-line tools to complex Web applications. Many of these Python programs are exposed to attack, either by being directly accessible through the Internet or by directly processing user ...

The course gives an insight into secure software design, development and testing through Microsoft Secure Development Lifecycle (SDL) with a focus on web application security. It provides a overview of the fundamental building blocks of SDL, followed ...

Android is an open platform for mobile devices such as handsets and tablets. It has a large variety of security features to make developing secure software easier; however, it is also missing certain security aspects that are present in other hand-he ...